bff

package
v1.7.2
Published: Jul 28, 2023 | License: MIT | Imports: 50 | Imported by: 0

Documentation

Constants

const (
	StartRegistration    = "" /* 160-byte string literal not displayed */
	CompleteRegistration = "" /* 171-byte string literal not displayed */
	SubmitTestnet        = "Review and submit your " + testnetName + " registration."
	SubmitMainnet        = "Review and submit your " + mainnetName + " registration."
	VerifyEmails         = "Your organization's %s registration has been submitted and verification emails have been sent to the contacts specified in the form. Contacts and email addresses must be verified as the first step in the approval process. Please request that contacts verify their email addresses promptly so that the TRISA Validation Team can proceed with the validation process. Please contact TRISA support at " + supportEmail + " if contacts have not received the verification email and link."
	RegistrationPending  = "" /* 139-byte string literal not displayed */
	RegistrationRejected = "Your organization's %s registration has been rejected by the TRISA Validation Team. This means your organization is not a verified member of the TRISA network and cannot communicate with other members. Please contact TRISA support at " + supportEmail + " for additional details and next steps."
	RegistrationApproved = "" /* 197-byte string literal not displayed */
	RenewCertificate     = "" /* 188-byte string literal not displayed */
	CertificateRevoked   = "Your organization's %s X.509 Identity Certificate has been revoked by TRISA. This means your organization is no longer a verified member of the TRISA network and can no longer communicate with other members. Please contact TRISA support at " + supportEmail + " for additional details and next steps."
)
const (
	DefaultMembersTimeout   = 25 * time.Second
	DefaultMembersPageSize  = 200
	DefaultMembersDirectory = "vaspdirectory.net"
)

The default query parameters against the TRISAMembers gRPC API

const (
	// TODO: Need to make sure these roles are in sync with the roles in Auth0
	DoubleCookieMaxAge = 24 * time.Hour
	OrgIDKey           = "orgid"
	VASPsKey           = "vasps"
)
const ContextVerificationStatus = "verification_status"

Variables

var (
	ErrNotFound             = errors.New("key not found in database")
	ErrUnsuccessfulPut      = errors.New("unable to successfully make Put request to trtl")
	ErrUnsuccessfulDelete   = errors.New("unable to successfully make Delete request to trtl")
	ErrEmptyAnnouncement    = errors.New("cannot post a zero-valued announcement")
	ErrUnboundedRecent      = errors.New("cannot specify zero-valued not before otherwise announcements fetch is unbounded")
	ErrInvalidUserRole      = errors.New("invalid user role specified")
	ErrUserEmailNotFound    = errors.New("could not find user by email address")
	ErrMultipleEmailUsers   = errors.New("multiple users found by email address")
	ErrDomainAlreadyExists  = errors.New("the specified domain already exists")
	ErrNoVerificationStatus = errors.New("no verification status supplied in context")
)

Functions

func FlattenErrs

func FlattenErrs(in []error) (out []error)

FlattenErrs removes nil errors from the slice (exported for testing purposes).

func FlattenResults

func FlattenResults(in []interface{}) (out []interface{})

FlattenResults removes nil values from the slice (exported for testing purposes).

func InsortCollaborator added in v1.6.0

func InsortCollaborator(collabs []*models.Collaborator, value *models.Collaborator, f func(a, b *models.Collaborator) bool) []*models.Collaborator

InsortCollaborator is a helper function to insert a collaborator into a sorted slice using a custom sort function.

func NormalizeDomain added in v1.6.0

func NormalizeDomain(domain string) (string, error)

Normalize a domain name for matching purposes.

func RequireVerification added in v1.7.1

func RequireVerification(c *gin.Context, network string) (verified bool, err error)

A helper function to require verification to the specified network.

func ValidateDomain added in v1.6.0

func ValidateDomain(domain string) error

Validation of domain names which also accepts internationalized domain names. This assumes that the domain name has already been normalized and converted to an ASCII compatible format.

Types

type DatabaseRPC added in v1.5.3

type DatabaseRPC func(ctx context.Context, client store.Store, network string) (interface{}, error)

type GDSClient added in v1.5.0

type GDSClient struct {
	// contains filtered or unexported fields
}

GDSClient is a unified client which contains sub-clients for interacting with the various GDS services. This helps reduce common client code when making parallel requests to both testnet and mainnet.

func (*GDSClient) Close added in v1.5.0

func (c *GDSClient) Close() (err error)

Close the connection to both the TRISA directory service and the Members service.

func (*GDSClient) ConnectGDS added in v1.5.0

func (c *GDSClient) ConnectGDS(conf config.DirectoryConfig, opts ...grpc.DialOption) error

ConnectGDS creates a gRPC client to the TRISA Directory Service specified in the configuration using the provided dial options.

func (*GDSClient) ConnectMembers added in v1.5.0

func (c *GDSClient) ConnectMembers(conf config.MembersConfig, opts ...grpc.DialOption) error

ConnectMembers creates a gRPC client to the TRISA Members Service specified in the configuration using the provided dial options.

func (*GDSClient) Details added in v1.5.0

func (*GDSClient) List added in v1.5.0

Members methods

func (*GDSClient) Lookup added in v1.5.0

func (c *GDSClient) Lookup(ctx context.Context, in *gds.LookupRequest, opts ...grpc.CallOption) (*gds.LookupReply, error)

GDS methods

func (*GDSClient) Register added in v1.5.0

func (c *GDSClient) Register(ctx context.Context, in *gds.RegisterRequest, opts ...grpc.CallOption) (*gds.RegisterReply, error)

func (*GDSClient) Search added in v1.5.0

func (c *GDSClient) Search(ctx context.Context, in *gds.SearchRequest, opts ...grpc.CallOption) (*gds.SearchReply, error)

func (*GDSClient) Status added in v1.5.0

func (c *GDSClient) Status(ctx context.Context, in *gds.HealthCheck, opts ...grpc.CallOption) (*gds.ServiceState, error)

func (*GDSClient) Summary added in v1.5.0

func (*GDSClient) Verification added in v1.5.0

func (c *GDSClient) Verification(ctx context.Context, in *gds.VerificationRequest, opts ...grpc.CallOption) (*gds.VerificationReply, error)

func (*GDSClient) VerifyContact added in v1.5.0

func (c *GDSClient) VerifyContact(ctx context.Context, in *gds.VerifyContactRequest, opts ...grpc.CallOption) (*gds.VerifyContactReply, error)

type GlobalDirectoryClient added in v1.5.0

type GlobalDirectoryClient interface {
	gds.TRISADirectoryClient
	members.TRISAMembersClient
}

GlobalDirectoryClient is a unified interface to access multiple GDS services across multiple connections with different client interfaces.

func ConnectGDS

func ConnectGDS(conf config.NetworkConfig) (_ GlobalDirectoryClient, err error)

ConnectGDS creates a unified client to the TRISA Directory Service and TRISA members service specified in the configuration. This method is used to connect to both the TestNet and the MainNet so we can maintain separate clients for each.

type RPC added in v1.5.0

type RPC func(ctx context.Context, client GlobalDirectoryClient, network string) (proto.Message, error)

RPC allows the BFF to issue arbitrary client methods in parallel to both the testnet and the mainnet. The combined client object, which contains separate sub-clients for the GDS and members services, and network name are passed into the function, allowing the RPC to make any directory service or members service RPC call and log with the associated network.

type Server

type Server struct {
	sync.RWMutex
	// contains filtered or unexported fields
}

func New

func New(conf config.Config) (s *Server, err error)

New creates a new BFF server from the specified configuration.

func (*Server) AddCollaborator added in v1.5.2

func (s *Server) AddCollaborator(c *gin.Context)

AddCollaborator creates a new collaborator with the email address in the request. The endpoint adds the collaborator to the organization record associated with the user and sends a verification email to the provided email address.

@Summary Add collaborator [update:collaborators]
@Description Invite a new collaborator to the user's organization.
@Tags collaborators
@Accept json
@Produce json
@Param collaborator body models.Collaborator true "Collaborator to add"
@Success 200 {object} models.Collaborator
@Failure 400 {object} api.Reply "Invalid collaborator, email address is required"
@Failure 401 {object} api.Reply
@Failure 403 {object} api.Reply "Maximum number of collaborators reached"
@Failure 409 {object} api.Reply "Collaborator already exists"
@Failure 500 {object} api.Reply
@Router /collaborators [post]

func (*Server) Announcements added in v1.5.0

func (s *Server) Announcements(c *gin.Context)

@Summary Get announcements [read:announcements]
@Description Get the most recent network announcements
@Tags announcements
@Produce json
@Success 200 {object} api.AnnouncementsReply
@Failure 401 {object} api.Reply
@Failure 500 {object} api.Reply
@Router /announcements [get]

func (*Server) AssignRoles added in v1.6.0

func (s *Server) AssignRoles(userID string, roles []string) (err error)

AssignRoles assigns a set of roles to a user by ID, removing the existing roles and replacing them with the new set.

func (*Server) Attention added in v1.5.0

func (s *Server) Attention(c *gin.Context)

Attention returns the current attention messages for the authenticated user.

@Summary Get attention alerts for the user [read:vasp]
@Description Get attention alerts for the user regarding their organization's VASP registration status.
@Tags registration
@Produce json
@Success 200 {object} api.AttentionReply
@Success 204 "No attention messages"
@Failure 401 {object} api.Reply
@Failure 500 {object} api.Reply
@Router /attention [get]

func (*Server) Available

func (s *Server) Available() gin.HandlerFunc

Available is middleware that uses the healthy boolean to return a service unavailable HTTP status code if the server is shutting down. This middleware must be first in the chain to ensure that complex handling does not slow the shutdown of the server.

func (*Server) Certificates added in v1.5.0

func (s *Server) Certificates(c *gin.Context)

Certificates returns the list of certificates for the authenticated user.

@Summary List certificates for the user [read:vasp]
@Description Returns the certificates associated with the user's organization.
@Tags certificates
@Produce json
@Success 200 {object} api.CertificatesReply
@Failure 401 {object} api.Reply
@Failure 500 {object} api.Reply
@Router /certificates [get]

func (*Server) CheckVerification added in v1.7.1

func (s *Server) CheckVerification(c *gin.Context)

CheckVerification is a middleware that discovers whether or not the VASP organization making the request is verified in the GDS. It queries both the mainnet and testnet GDS in parallel and adds context keys about the verification status of the VASP. NOTE: the user must be authenticated before this middleware is executed.

func (*Server) CreateOrganization added in v1.6.0

func (s *Server) CreateOrganization(c *gin.Context)

CreateOrganization creates a new organization in the database. This endpoint returns an error if the organization already exists and the user is assigned to it. The user must have the create:organizations permission to perform this action.

@Summary Create a new organization [create:organizations]
@Description Create a new organization with the specified name and domain for the user.
@Tags organizations
@Accept json
@Produce json
@Param params body api.OrganizationParams true "Name and domain"
@Success 200 {object} api.OrganizationReply
@Failure 400 {object} api.Reply "Must provide name and domain"
@Failure 401 {object} api.Reply
@Failure 409 {object} api.Reply "Domain already exists"
@Failure 500 {object} api.Reply
@Router /organizations [post]

func (*Server) DeleteCollaborator added in v1.5.4

func (s *Server) DeleteCollaborator(c *gin.Context)

DeleteCollaborator deletes the collaborator in the request from the user's organization. The user must have the update:collaborators permission. Note: This does not return an error if the collaborator does not exist on the organization and instead returns a 200 OK response.

@Summary Delete collaborator [update:collaborators]
@Description Delete the collaborator with the given ID from the organization.
@Tags collaborators
@Produce json
@Param id path string true "Collaborator ID"
@Success 200 {object} api.Reply
@Failure 401 {object} api.Reply
@Failure 404 {object} api.Reply
@Failure 500 {object} api.Reply
@Router /collaborators/{id} [delete]

func (*Server) DeleteOrganization added in v1.7.0

func (s *Server) DeleteOrganization(c *gin.Context)

DeleteOrganization deletes an organization from the database. The user must have the delete:organizations permission and also be a collaborator in the organization to perform this action.

@Summary Delete an organization [delete:organizations]
@Description Permanently delete an organization, including the registration and collaborators. This action is irreversible so the frontend should obtain confirmation from the user before calling this endpoint.
@Tags organizations
@Success 200 {object} api.Reply
@Failure 401 {object} api.Reply
@Failure 403 {object} api.Reply "User is not a collaborator in the organization"
@Failure 404 {object} api.Reply "Organization not found"
@Failure 500 {object} api.Reply
@Router /organizations/{id} [delete]

func (*Server) FetchUserProfile added in v1.6.1

func (s *Server) FetchUserProfile(id string) (profile *auth.UserProfile, err error)

FetchUserProfile fetches a user profile by ID from the user cache or Auth0 if necessary.

func (*Server) FindRoleByName added in v1.5.0

func (s *Server) FindRoleByName(name string) (*management.Role, error)

func (*Server) FindUserByEmail added in v1.6.0

func (s *Server) FindUserByEmail(email string) (user *management.User, err error)

FindUserByEmail returns the Auth0 user record by email address. This method returns an ErrUserEmailNotFound error if the user does not exist and returns the first user if there are multiple users with the same email address.

func (*Server) GetCertificates added in v1.5.0

func (s *Server) GetCertificates(ctx context.Context, testnetID, mainnetID string) (testnetCerts, mainnetCerts []*models.Certificate, testnetErr, mainnetErr error)

GetCertificates makes parallel calls to the databases to get the certificate information for both testnet and mainnet. If testnetID or mainnetID are empty strings, this will simply return a nil response for the corresponding network so the caller can distinguish between a non registration and an error.

func (*Server) GetConf

func (s *Server) GetConf() config.Config

GetConf returns a copy of the current configuration.

func (*Server) GetRouter

func (s *Server) GetRouter() http.Handler

GetRouter returns the Gin API router for testing purposes.

func (*Server) GetStatuses added in v1.5.0

func (s *Server) GetStatuses(ctx context.Context) (testnet, mainnet *gds.ServiceState, err error)

GetStatuses makes parallel calls to the directory service to get the status information for both testnet and mainnet.

func (*Server) GetSummaries added in v1.5.0

func (s *Server) GetSummaries(ctx context.Context, testnetID, mainnetID string) (testnetSummary, mainnetSummary *members.SummaryReply, testnetErr, mainnetErr error)

GetSummaries makes parallel calls to the members service to get the summary information for both testnet and mainnet. If an endpoint returned an error, then a nil value is returned from this function for that endpoint instead of an error.

func (*Server) GetURL

func (s *Server) GetURL() string

GetURL returns the URL that the server can be reached if it has been started. This accessor is primarily used to create a test client.

func (*Server) GetVASPs added in v1.5.0

func (s *Server) GetVASPs(ctx context.Context, testnetID, mainnetID string) (testnetVASP, mainnetVASP *pb.VASP, testnetErr, mainnetErr error)

GetVASPs makes parallel calls to the databases to retrieve VASP records from testnet and mainnet. If testnetID or mainnetID are empty strings, this will simply return a nil response for the corresponding network so the caller can distinguish between a non-registration and an error.

func (*Server) ListCollaborators added in v1.6.0

func (s *Server) ListCollaborators(c *gin.Context)

ListCollaborators lists all the collaborators on the user's organization.

@Summary List collaborators [read:collaborators]
@Description Returns all collaborators on the user's organization sorted by email address.
@Tags collaborators
@Produce json
@Success 200 {object} api.ListCollaboratorsReply
@Failure 401 {object} api.Reply
@Failure 500 {object} api.Reply
@Router /collaborators [get]

func (*Server) ListOrganizations added in v1.6.0

func (s *Server) ListOrganizations(c *gin.Context)

ListOrganizations returns a list of organizations that the user is a member of. The user must have the read:organizations permission to perform this action.

@Summary List organizations [read:organizations]
@Description Return the list of organizations that the user is assigned to.
@Tags organizations
@Produce json
@Param name query string false "Organization name filter"
@Param page query int false "Page number" default(1)
@Param page_size query int false "Page size" default(8)
@Success 200 {object} api.ListOrganizationsReply
@Failure 401 {object} api.Reply
@Failure 500 {object} api.Reply
@Router /organizations [get]

func (*Server) ListUserRoles added in v1.6.0

func (s *Server) ListUserRoles(c *gin.Context)

ListUserRoles returns the list of assignable user roles.

@Summary Get the list of assignable user roles
@Description Get the list of assignable user roles
@Tags users
@Produce json
@Success 200 {list} string
@Router /users/roles [get]

func (*Server) LoadCollaboratorDetails added in v1.5.4

func (s *Server) LoadCollaboratorDetails(collab *models.Collaborator) (err error)

LoadCollaboratorDetails updates a collaborator record with the user details in Auth0. The collaborator must have a user ID on it and the data in Auth0 will overwrite the data on the collaborator record.

func (*Server) LoadRegisterForm added in v1.5.0

func (s *Server) LoadRegisterForm(c *gin.Context)

Returns the user's current registration form if it's available

@Summary Get the user's current registration form [read:vasp]
@Description Get the registration form associated with the user's organization.
@Tags registration
@Produce json
@Param params body api.RegistrationFormParams false "Load registration form parameters"
@Success 200 {object} object "Registration form"
@Failure 400 {object} api.Reply
@Failure 401 {object} api.Reply
@Failure 500 {object} api.Reply
@Router /register [get]

func (*Server) Login added in v1.5.0

func (s *Server) Login(c *gin.Context)

Login performs post-authentication checks and ensures that the user has the proper permissions and roles after they sign in with Auth0. The front-end should call the BFF login endpoint after the user signs in, providing the access_token in the request. If there is no access token a 401 is returned. This endpoint verifies that the user has a role and organization assigned to it and that the organization is up to date with the auth0 app_data.

By default, this endpoint attempts to log the user into their last used organization, using the orgID in the user app metadata. The endpoint also accepts an orgID parameter as part of the request which determines the organization the user should be assigned to. This parameter is used to facilitate organization switching from the frontend as well as completing the invite workflow for new collaborators joining an organization. If the orgID is not provided as part of the request or does not exist in the user's app metadata, a new organization is automatically created for them and they are assigned the organization leader role. If the auth0 app data was changed, this returns a response with the refresh_token field set to true, indicating that the frontend should refresh the access token to ensure that the user claims are up to date.

@Summary Login a user to the BFF
@Description Completes the user login process by assigning the user to an organization and verifying that the user has the proper roles.
@Tags users
@Accept json
@Produce json
@Param params body api.LoginParams true "Login parameters"
@Success 200 {object} api.Reply "Login successful, token refresh required"
@Success 204 "Login successful"
@Failure 400 {object} api.Reply
@Failure 401 {object} api.Reply
@Failure 403 {object} api.Reply "User invitation has expired"
@Failure 404 {object} api.Reply "Organization not found"
@Failure 500 {object} api.Reply
@Router /users/login [post]

func (*Server) Lookup

func (s *Server) Lookup(c *gin.Context)

Lookup makes a request on behalf of the user to both the TestNet and MainNet GDS servers, returning 1-2 results (e.g. either or both GDS responses). If no results are returned, Lookup returns a 404 not found error. If one of the GDS requests fails, the error is logged, but the valid response is returned. If both GDS requests fail, a 500 error is returned. This endpoint passes through the response from GDS as JSON, the result should contain a registered_directory field that identifies which network the record is associated with.

@Summary Lookup a VASP record by name or ID
@Description Lookup a VASP record in both TestNet and MainNet, returning either or both results.
@Tags GDS
@Accept json
@Produce json
@Param params body api.LookupParams true "Lookup parameters"
@Success 200 {object} api.LookupReply
@Failure 400 {object} api.Reply "Either ID or CommonName must be provided"
@Failure 404 {object} api.Reply "No results returned for query"
@Failure 500 {object} api.Reply "Internal server error"
@Router /lookup [get]

func (*Server) MakeAnnouncement added in v1.5.0

func (s *Server) MakeAnnouncement(c *gin.Context)

@Summary Post an announcement [create:announcements]
@Description Post a new announcement to the network
@Tags announcements
@Accept json
@Produce json
@Param announcement body models.Announcement true "Announcement to post"
@Success 204
@Failure 400 {object} api.Reply "Post date and author are required"
@Failure 401 {object} api.Reply
@Failure 500 {object} api.Reply
@Router /announcements [post]

func (*Server) MemberDetail added in v1.7.1

func (s *Server) MemberDetail(c *gin.Context)

MemberDetail endpoint is an authenticated endpoint that returns more detailed information about a verified VASP member from the specified directory (either TestNet or MainNet). This endpoint requires the read:vasp permission and is only available to organizations that have themselves been verified through the TRISA directory that they are querying.

@Summary Get details for a VASP in the specified directory [read:vasp]
@Description Returns details for a VASP by ID and directory so long as the organization is a verified member of that directory.
@Tags members
@Accept json
@Produce json
@Param params body api.MemberDetailsParams true "VASP ID and directory"
@Success 200 {object} object "VASP Details"
@Failure 400 {object} api.Reply "VASP ID and directory are required"
@Failure 401 {object} api.Reply
@Failure 404 {object} api.Reply
@Failure 500 {object} api.Reply
@Router /members/{id} [get]

func (*Server) MemberList added in v1.7.1

func (s *Server) MemberList(c *gin.Context)

MemberList is an authenticated endpoint that returns a list of all verified VASPs in the requested directory (e.g. either TestNet or MainNet). This endpoint requires the read:vasp permission and is only available to organizations that have themselves been verified through the TRISA directory that they are querying.

@Summary List verified VASPs in the specified directory [read:vasp].
@Description Returns a list of verified VASPs in the specified directory so long as the organization is a verified member of that directory.
@Tags members
@Accept json
@Produce json
@Param params body api.MemberPageInfo true "Directory and Pagination"
@Success 200 {object} object "VASP List"
@Failure 400 {object} api.Reply "VASP ID and directory are required"
@Failure 401 {object} api.Reply
@Failure 404 {object} api.Reply
@Failure 500 {object} api.Reply
@Router /members [get]

func (*Server) OrganizationFromClaims added in v1.5.0

func (s *Server) OrganizationFromClaims(c *gin.Context) (org *models.Organization, err error)

OrganizationFromClaims is a helper method to retrieve the organization for a particular request by fetching the orgID from the claims and querying the database. If there is an error fetching the organization, the appropriate error response is made on the gin writer and logged. The caller should check for error and return.

func (*Server) OrganizationFromID added in v1.6.0

func (s *Server) OrganizationFromID(id string) (org *models.Organization, err error)

func (*Server) Overview added in v1.5.0

func (s *Server) Overview(c *gin.Context)

Overview endpoint is an authenticated endpoint that requires the read:vasp permission.

@Summary Get summary information for the overview dashboard [read:vasp]
@Description Returns a high level summary representing the state of each directory service and VASP registrations.
@Tags overview
@Produce json
@Success 200 {object} api.OverviewReply
@Failure 401 {object} api.Reply
@Failure 500 {object} api.Reply
@Router /overview [get]

func (*Server) ParallelDBRequests added in v1.5.3

func (s *Server) ParallelDBRequests(ctx context.Context, rpc DatabaseRPC, flatten bool) (results []interface{}, errs []error)

ParallelDBRequests makes concurrent requests to both the testnet and the mainnet, storing the results and errors in a slice of length 2 ([testnet, mainnet]). If the flatten bool is true, then nil values are removed from the slice (though this will make which network returned the result ambiguous).

func (*Server) ParallelGDSRequests

func (s *Server) ParallelGDSRequests(ctx context.Context, rpc RPC, flatten bool) (results []interface{}, errs []error)

ParallelGDSRequests makes concurrent requests to both the testnet and the mainnet, storing the results and errors in a slice of length 2 ([testnet, mainnet]). If the flatten bool is true, then nil values are removed from the slice (though this will make which network returned the result ambiguous).
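
The fan-out described for ParallelGDSRequests and the status handling described for Lookup, as an added example that is not the package's own code. The names `rpc`, `parallelRequests`, `flattenErrs`, `flattenResults` and `lookupStatus` are hypothetical stand-ins, and returning 404 when one network fails while the other has no record is an assumption.

```go
package main

import (
	"context"
	"errors"
	"fmt"
	"net/http"
	"sync"
	"time"
)

// rpc is a hypothetical stand-in for the RPC type documented on this page. It
// returns a plain value instead of a proto.Message so that the example needs
// only the standard library.
type rpc func(ctx context.Context, network string) (interface{}, error)

// Fixed slots in the result and error slices: [testnet, mainnet].
var networks = [2]string{"testnet", "mainnet"}

// parallelRequests calls fn once per network concurrently. Each goroutine
// writes only its own index, so no lock is needed and slot i always belongs to
// networks[i]. With flatten set, nil entries are dropped and that mapping from
// index to network is lost.
func parallelRequests(ctx context.Context, fn rpc, flatten bool) ([]interface{}, []error) {
	results := make([]interface{}, len(networks))
	errs := make([]error, len(networks))

	var wg sync.WaitGroup
	for i, network := range networks {
		wg.Add(1)
		go func(i int, network string) {
			defer wg.Done()
			results[i], errs[i] = fn(ctx, network)
		}(i, network)
	}
	wg.Wait()

	if flatten {
		return flattenResults(results), flattenErrs(errs)
	}
	return results, errs
}

// flattenErrs returns only the non-nil errors.
func flattenErrs(in []error) (out []error) {
	for _, err := range in {
		if err != nil {
			out = append(out, err)
		}
	}
	return out
}

// flattenResults returns only the non-nil results. A typed nil pointer stored
// in an interface is not equal to nil, so fn must return a literal nil on
// failure for the entry to be dropped.
func flattenResults(in []interface{}) (out []interface{}) {
	for _, r := range in {
		if r != nil {
			out = append(out, r)
		}
	}
	return out
}

// lookupStatus maps the unflattened slices to the status codes described for
// Lookup: 500 when every network failed, 404 when no network returned a
// record, and 200 when at least one record is available.
func lookupStatus(results []interface{}, errs []error) int {
	switch {
	case len(flattenErrs(errs)) == len(errs):
		return http.StatusInternalServerError
	case len(flattenResults(results)) == 0:
		return http.StatusNotFound
	default:
		return http.StatusOK
	}
}

func main() {
	ctx, cancel := context.WithTimeout(context.Background(), 2*time.Second)
	defer cancel()

	// Constructed RPC: testnet answers, mainnet is unreachable.
	fn := func(ctx context.Context, network string) (interface{}, error) {
		if network == "mainnet" {
			return nil, errors.New("mainnet directory unavailable")
		}
		return map[string]string{"registered_directory": network}, nil
	}

	results, errs := parallelRequests(ctx, fn, false)
	fmt.Println("status:", lookupStatus(results, errs))
	for i, network := range networks {
		fmt.Printf("%s: result=%v err=%v\n", network, results[i], errs[i])
	}
}
```

A handler that has to report which network failed should request the unflattened slices and flatten only at the point where the response body is assembled.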

func (*Server) PatchOrganization added in v1.7.0

func (s *Server) PatchOrganization(c *gin.Context)

PatchOrganization patches an organization in the database with the provided fields.

@Summary Patch organization [update:organizations]
@Description Patch an organization with the provided fields.
@Tags organizations
@Accept json
@Produce json
@Param id path string true "Organization ID"
@Param params body api.OrganizationParams true "Fields to update"
@Success 200 {object} api.OrganizationReply
@Failure 400 {object} api.Reply "Invalid organization domain"
@Failure 401 {object} api.Reply
@Failure 403 {object} api.Reply "User is not authorized to access this organization"
@Failure 404 {object} api.Reply "Organization not found"
@Failure 409 {object} api.Reply "Organization with domain already exists"
@Failure 500 {object} api.Reply
@Router /organizations/{id} [patch]

func (*Server) PostAnnouncement added in v1.5.3

func (s *Server) PostAnnouncement(in *models.Announcement) (_ string, err error)

Post an announcement, putting it to the database. This method does no verification of duplicate announcements or any content verification except for a check that an empty announcement is not being put to the database. Announcements are stored in announcement months, so the month for the announcement is extracted and the announcement is inserted into the correct month, creating it if necessary.

func (*Server) RecentAnnouncements added in v1.5.3

func (s *Server) RecentAnnouncements(maxResults int, notBefore, start time.Time) (out *api.AnnouncementsReply, err error)

RecentAnnouncements returns the set of results whose post date is after the not before timestamp, limited to the maximum number of results. Last updated returns the timestamp that any announcement was added or changed.

func (*Server) RegistrationStatus added in v1.5.0

func (s *Server) RegistrationStatus(c *gin.Context)

RegistrationStatus returns the registration status for both testnet and mainnet for the user.

@Summary Get current registration status for the user [read:vasp]
@Description Returns timestamps indicating when the user has submitted their TestNet and MainNet registrations.
@Tags registration
@Produce json
@Success 200 {object} api.RegistrationStatus
@Failure 401 {object} api.Reply
@Failure 500 {object} api.Reply

func (*Server) ResetRegisterForm added in v1.7.0

func (s *Server) ResetRegisterForm(c *gin.Context)

Resets the user's current registration form to the defaults.

@Summary Reset the user's current registration form [update:vasp]
@Description Reset the registration form associated with the user's organization for the requested step.
@Tags registration
@Produce json
@Param params body api.RegistrationFormParams false "Reset registration form parameters"
@Success 200 {object} object "Registration form"
@Failure 400 {object} api.Reply
@Failure 401 {object} api.Reply
@Failure 500 {object} api.Reply
@Router /register [delete]

func (*Server) SaveAuth0AppMetadata added in v1.5.0

func (s *Server) SaveAuth0AppMetadata(uid string, appdata auth.AppMetadata) (err error)

func (*Server) SaveRegisterForm added in v1.5.0

func (s *Server) SaveRegisterForm(c *gin.Context)

Saves the registration form on the BFF to allow multiple users to edit the registration form before it is submitted to the directory service.

@Summary Save a registration form to the database [update:vasp]
@Description Save a registration form to the user's organization in the database.
@Tags registration
@Accept json
@Produce json
@Param form body object true "Registration form"
@Success 200 {object} object "Registration form"
@Success 204 "Empty form was provided"
@Failure 400 {object} api.Reply
@Failure 401 {object} api.Reply
@Failure 500 {object} api.Reply
@Router /register [put]

func (*Server) Serve

func (s *Server) Serve() (err error)

Serve API requests on the specified address.

func (*Server) SetDB

func (s *Server) SetDB(db store.Store)

SetDB allows tests to set a bufconn client to a mock trtl server.

func (*Server) SetGDSClients added in v1.5.0

func (s *Server) SetGDSClients(testnet, mainnet *GDSClient)

SetGDSClients allows tests to set a bufconn client to a mock GDS server.

func (*Server) SetHealth

func (s *Server) SetHealth(health bool)

func (*Server) SetMainNetDB added in v1.5.3

func (s *Server) SetMainNetDB(mainnet store.Store)

SetMainNetDB allows tests to set the mainnet database client to a mock client

func (*Server) SetTestNetDB added in v1.5.3

func (s *Server) SetTestNetDB(testnet store.Store)

SetTestNetDB allows tests to set the testnet database client to a mock client

func (*Server) SetURL

func (s *Server) SetURL(url string)

func (*Server) Shutdown

func (s *Server) Shutdown() (err error)

func (*Server) Status

func (s *Server) Status(c *gin.Context)

@Summary Get the status of the BFF server
@Description Returns the status of the BFF server, including the status of the directory services.
@Tags status
@Produce json
@Param nogds query bool false "If true, do not check the status of the directory services."
@Success 200 {object} api.StatusReply
@Failure 400 {object} api.Reply
@Router /status [get]

func (*Server) SubmitRegistration added in v1.5.0

func (s *Server) SubmitRegistration(c *gin.Context)

SubmitRegistration makes a request on behalf of the user to either the TestNet or the MainNet GDS server based on the URL endpoint. The endpoint will first load the saved registration form from the front-end and will parse it for some basic validity constraints - it will then submit the form and return any response from the directory.

@Summary Submit a registration form to a directory service [update:vasp]
@Description Submit a registration form to the TestNet or MainNet directory service.
@Tags registration
@Produce json
@Param directory path string true "Directory service to submit the registration form to (testnet or mainnet)"
@Success 200 {object} api.RegisterReply
@Failure 400 {object} api.Reply
@Failure 401 {object} api.Reply
@Failure 409 {object} api.Reply
@Failure 500 {object} api.Reply
@Router /register/{directory} [post]

func (*Server) SwitchUserOrganization added in v1.7.0

func (s *Server) SwitchUserOrganization(user *management.User, appdata *auth.AppMetadata) (err error)

Switch the user to an available organization by updating their app metadata on Auth0. This always clears the current organization info from the app metadata but only replaces it if another organization is found. TODO: This switches the user to the first valid organization in the list. Should we switch the user to their last used organization instead?

func (*Server) UpdateCollaboratorRoles added in v1.5.4

func (s *Server) UpdateCollaboratorRoles(c *gin.Context)

UpdateCollaboratorRoles updates the roles of the collaborator ID in the request, ensuring that the roles are updated both on the organization record and in Auth0. The user must have the update:collaborators permission to make this request.

@Summary Update collaborator roles [update:collaborators]
@Description Replace the roles of the collaborator with the given ID.
@Tags collaborators
@Accept json
@Produce json
@Param id path string true "Collaborator ID"
@Param roles body api.UpdateRolesParams true "New roles for the collaborator"
@Success 200 {object} api.UpdateRolesParams
@Failure 400 {object} api.Reply
@Failure 401 {object} api.Reply
@Failure 404 {object} api.Reply
@Failure 500 {object} api.Reply
@Router /collaborators/{id} [post]

func (*Server) UpdateUser added in v1.6.1

func (s *Server) UpdateUser(c *gin.Context)

UpdateUser updates the user's profile information in Auth0.

@Summary Update the user's profile
@Description Update the user's profile information in Auth0.
@Tags users
@Accept json
@Success 204 {object} api.Reply
@Failure 400 {object} api.Reply
@Failure 401 {object} api.Reply
@Failure 500 {object} api.Reply
@Router /users [patch]

func (*Server) UserOrganization added in v1.6.0

func (s *Server) UserOrganization(c *gin.Context)

UserOrganization returns the current organization that the user is logged into. The user must have the read:organizations permission to perform this action.

@Summary Get the user's current organization [read:organizations]
@Description Get high level info about the user's current organization
@Tags users
@Produce json
@Success 200 {object} api.OrganizationReply
@Failure 401 {object} api.Reply
@Failure 500 {object} api.Reply
@Router /users/organization [get]

func (*Server) ValidateOrganizationDomain added in v1.6.0

func (s *Server) ValidateOrganizationDomain(domain string, appdata *auth.AppMetadata) (string, error)

ValidateOrganizationDomain performs any necessary normalization and validation of an organization domain name, ensuring that the domain is not already in use by another organization on the specified app metadata and returning the normalized domain name for storage.

func (*Server) VerifyContact

func (s *Server) VerifyContact(c *gin.Context)

VerifyContact is currently a passthrough helper that forwards the verify contact request from the user interface to the GDS that needs contact verification.

@Summary Verify a VASP contact
@Description Verify a VASP contact using a TestNet or MainNet GDS.
@Tags GDS
@Accept json
@Produce json
@Param params body api.VerifyContactParams true "Verify contact parameters"
@Success 200 {object} api.VerifyContactReply
@Failure 400 {object} api.Reply
@Failure 404 {object} api.Reply
@Failure 409 {object} api.Reply
@Failure 500 {object} api.Reply
@Router /verify [get]

type VASPVerificationStatus added in v1.7.1

type VASPVerificationStatus struct {
	Status   string
	Verified bool
}

type VerificationStatus added in v1.7.1

type VerificationStatus struct {
	MainNet *VASPVerificationStatus
	TestNet *VASPVerificationStatus
}

func GetVerificationStatus added in v1.7.1

func GetVerificationStatus(c *gin.Context) (*VerificationStatus, error)

A helper function to quickly retrieve the verification status from the context; return an error if the verification status does not exist. Panics if the status is not the correct type, e.g. not set by the CheckVerification middleware.
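The contract described for GetVerificationStatus (error when the status is absent, panic when the stored value has the wrong type) is sketched below as an added example; it is not the package's own code. It assumes a standard-library `context.Context` in place of `*gin.Context`, and `ctxKey`, `WithStatus`, `GetStatus`, `RequireVerified`, `ErrNoStatus` and the "VERIFIED" status string are hypothetical names and constructed values.

```go
package main

import (
	"context"
	"errors"
	"fmt"
)

// Types as listed on this page.
type VASPVerificationStatus struct {
	Status   string
	Verified bool
}
type VerificationStatus struct{ MainNet, TestNet *VASPVerificationStatus }

type ctxKey struct{} // hypothetical key; the package's real context key is not shown

var ErrNoStatus = errors.New("verification status not set on context")

// WithStatus stands in for what the CheckVerification middleware would store.
func WithStatus(ctx context.Context, vs *VerificationStatus) context.Context {
	return context.WithValue(ctx, ctxKey{}, vs)
}

// GetStatus follows the documented contract: error when absent, panic on a wrong type.
func GetStatus(ctx context.Context) (*VerificationStatus, error) {
	val := ctx.Value(ctxKey{})
	if val == nil {
		return nil, ErrNoStatus
	}
	vs := val.(*VerificationStatus) // deliberate panic: a wrong type is a wiring bug
	if vs == nil {
		return nil, ErrNoStatus // typed nil pointer stored by mistake
	}
	return vs, nil
}

// RequireVerified fails closed: a missing status, an unknown network, a nil
// per-network entry, or Verified == false all deny the request.
func RequireVerified(ctx context.Context, network string) error {
	vs, err := GetStatus(ctx)
	if err != nil {
		return err
	}
	entry := map[string]*VASPVerificationStatus{"mainnet": vs.MainNet, "testnet": vs.TestNet}[network]
	if entry == nil || !entry.Verified {
		return fmt.Errorf("%s: organization is not verified", network)
	}
	return nil
}

func main() {
	ctx := WithStatus(context.Background(), &VerificationStatus{
		TestNet: &VASPVerificationStatus{Status: "VERIFIED", Verified: true}}) // constructed sample
	fmt.Println(RequireVerified(ctx, "testnet"), RequireVerified(ctx, "mainnet"))
}
```

Because both network fields are pointers, a handler that dereferences `MainNet` or `TestNet` without the nil check would panic for an organization registered on only one network.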

Directories

Path Synopsis
api
v1
authtest
Package authtest provides a wrapped httptest.Server that will respond to auth0 requests.
clive
Package clive provides CLI-Live interactions with Auth0 by running a local server for OAuth challenges and handling them on behalf of the user.
models
v1
